MSE News

More protection for money transfer scam victims from May

More protection for money transfer scam victims from May

Bank customers who are tricked into transferring cash to fraudsters will have more protection from the end of May. 

Major banks, including Barclays, HSBC, Lloyds Banking Group and the Royal Bank of Scotland, have signed up to a voluntary code of practice for authorised push payment (APP) scams, which states that victims should be reimbursed unless a customer ignored their bank's warnings about the scam, or has been grossly negligent in transferring the money.

The banks will usually have to decide whether or not to refund a victim within 15 working days of the scam being reported, up to a maximum of 35 working days "in exceptional cases", and then make the refund as soon as possible.

Under current rules, when payments are fraudulently made without customers' authorisation, banks are generally obliged to give a refund. But when someone has been tricked into making a payment themselves, in what's known as an 'authorised push payment' (APP) scam, banks aren't obliged to give a refund.

The new voluntary code takes effect from 28 May.

For help on how to protect yourself from fraud, see our 30+ Ways to Stop Scams guide.

What is an 'authorised push payment' scam?

APP scams occur when someone transfers money from their own bank account to one belonging to a criminal. The lost money is then quickly transferred to numerous other accounts, often abroad, and withdrawn by the crooks.

Figures released by trade association UK Finance last year show that in the first half of 2018 consumers lost £92.9 million because of this type of fraud.

What does the code say?

Under the code, banks must try to identify customers that are at higher risk of being a money transfer scam victim, and where it spots a scam it should warn the customer.

It should also try to delay the payment while it investigates the potential scam. In turn, the receiving bank should freeze accounts if it believes funds are from an APP scam.

The code says banks should also implement the Confirmation of Payee service, which will double-check whether the name attached to a payment matches the sort code and account number, and warn the customer if it looks like they're about to send money to the wrong account.

But the code doesn't give a deadline for this and UK Finance, which represents the banks, last month warned this could be delayed until next year.

The code also says banks should provide aftercare for victims, educate customers and collect more data on APP scams.

How to avoid being a victim

Industry body UK Finance has worked with the Government to produce help-sheets and a website to try to prevent consumers falling victim to this kind of scam. Its advice includes:

  • Remember that just because someone knows some personal details – such as your name and address or your mother's maiden name – that doesn't mean they are genuine.

  • Banks or trusted organisations such as the police will never contact you asking for your PIN or full password, or to transfer money to a safe account.

  • Always question uninvited approaches asking for information – it could be a scam. Instead, contact the company directly using a trusted email or phone number to check the request is genuine.

  • Never automatically click on a link in an unexpected email or text.

If you think you've been a victim of fraud, or if you suspect a fraudster has targeted you, report it immediately to your bank and then contact Action Fraud (you can call it on 0300 123 2040).